I’d recommend both, especially if your servers are likely to be ddos/dos attacked and susceptible to other similar threats as hardware firewalls come into their own with this kind of threat. As a rule of thumb think of them as a front line defence as more often than not without reconfiguration they do little more than scan, route and drop packets.

Software firewalls are very similar but protect individual machines and are necessary if your sever utilises FTP to help ensure and also remove any threats that may have slipped past. Though many data centred already utilise network level (hardware) firewalls.

Software firewall is mandatory to keep your average lookyloo's at bay, however they're already on the machine and can drive up the CPU and usage, not to mention the dDOS with just TCP requests.

With the hardware firewall you can stop the intrusion before it ever reaches your machine. Null route their connection and you no longer have to think about them (on the machine level). It's then into the DataCenter's hands to find the inflow of traffic and cut that off. You at that point are no longer contributing to the problem.

As stated, all datacenters have some form of hardware firewall - some go two or three levels deep before getting to your machine. Some of the depth that you will want to go to will depend on how exposed you are as a site on the web.

Both are important, hardware firewalls are typically owned by larger businesses.
Hardware firewalls are best suited to businesses and large networks; software firewalls are best suited for the home user who wants easy customization.